Merge pull request #240 from cisagov/lineage/skeleton

Lineage pull request for: skeleton

Author: mcdonnnj

.github/workflows/build.yml

@@ -400,14 +400,14 @@ jobs:
           # this workflow.
           permissions_monitoring_config: ${{ vars.ACTIONS_PERMISSIONS_CONFIG }}
       - name: Download Docker image artifact
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: dist
           path: dist
       - name: Load Docker image
         run: docker load < dist/image.tar.gz
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.32.0
+        uses: aquasecurity/trivy-action@0.33.0
         with:
           image-ref: ${{ needs.repo-metadata.outputs.image-name }}:latest
   test:
@@ -471,7 +471,7 @@ jobs:
           python -m pip install --upgrade pip setuptools wheel
           pip install --upgrade --requirement requirements-test.txt
       - name: Download Docker image artifact
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: dist
           path: dist

.pre-commit-config.yaml

@@ -133,7 +133,7 @@ repos:
           - --config=.bandit.yml
   # Run bandit on everything except the "tests" tree
   - repo: https://github.com/PyCQA/bandit
-    rev: 1.7.10
+    rev: 1.8.3
     hooks:
       - id: bandit
         name: bandit (everything else)